Global Directory signatures (was Re: GPG wants to check trustdb every day)

David Shaw dshaw at jabberwocky.com
Wed Dec 29 14:23:17 CET 2004


On Wed, Dec 29, 2004 at 12:47:22AM -0500, Jason Harris wrote:
> On Tue, Dec 28, 2004 at 11:44:21PM -0500, David Shaw wrote:
> 
> > The GD doesn't support no-modify either.
> 
> It is enforcing something.  It won't take any new signatures on its own
> key, 0xCA57AD7C, and the only signatures it has on your key, 0x99242560,
> all seem to be from other keys it has stored.

Yes.  As I understand it, the GD has a weak form of no-modify since it
does not allow new user IDs or subkeys without approval, but does
allow new signatures without approval.  The new signatures must come
from a key that is already on the GD.

It's not a bad way to go, considering the GD is aimed at "regular
people" rather than crypto enthusiasts.  One less special key option
for people to understand.  I'd prefer no-modify, but I'm not the
target audience.

Security-wise, it's safe.  One of my concerns when I first heard about
the GD was that the approval process would allow a key owner to
prevent a signature revocation or designated key revocation from a
third party from reaching his key.  Since third party signatures are
allowed in without key owner approval, this cannot happen.

> Also, it doesn't necessarily wait until its last signature expires before
> issuing a new one:

Yes, I mentioned this in my first mail.  There seems to be an overlap
between the old and new signatures.  The signature lasts for 14 days,
but the new signature is issued sooner.  I've seen overlaps as short
as 8 days.

David
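The acceptance policy David describes above, written out as an added illustration for this thread (it is not code from the PGP Global Directory or from GnuPG): a toy directory that holds new user IDs and subkeys until the key owner approves them, but accepts third-party signatures, including signature revocations, from any key it already stores. The same class can be switched to a strict no-modify mode that holds everything for approval, which shows the case David was worried about, a third party's revocation never reaching the key. The key IDs, user IDs and the `KeyRecord`/`Signature` structures are constructed for the example.

```python
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Signature:
    signer: str   # key ID of the key that made the signature
    target: str   # user ID (or subkey ID) the signature is bound to
    kind: str     # "cert" for a certification, "revoke" for a revocation


@dataclass
class KeyRecord:
    keyid: str
    uids: set = field(default_factory=set)
    subkeys: set = field(default_factory=set)
    sigs: set = field(default_factory=set)


class Directory:
    """Toy keyserver with the 'weak no-modify' policy described in the thread.

    With strict=False (the GD-like behaviour): new user IDs and subkeys need
    owner approval, third-party signatures only need to come from a key that
    is already stored.  With strict=True everything needs owner approval.
    """

    def __init__(self, strict: bool = False):
        self.strict = strict
        self.keys: dict[str, KeyRecord] = {}

    def add_key(self, key: KeyRecord) -> None:
        # Initial upload.  The real GD verifies an email address here; not modelled.
        self.keys[key.keyid] = key

    def merge(self, update: KeyRecord, owner_approved: bool = False) -> list[str]:
        """Merge an update into a stored key.  Returns the rejection reasons;
        an empty list means every component of the update was accepted."""
        stored = self.keys.get(update.keyid)
        if stored is None:
            return [f"key {update.keyid} is not in the directory"]
        rejected: list[str] = []
        for uid in sorted(update.uids - stored.uids):
            if owner_approved:
                stored.uids.add(uid)
            else:
                rejected.append(f"new user ID {uid!r} needs owner approval")
        for sub in sorted(update.subkeys - stored.subkeys):
            if owner_approved:
                stored.subkeys.add(sub)
            else:
                rejected.append(f"new subkey {sub} needs owner approval")
        for sig in update.sigs - stored.sigs:
            if self.strict and not owner_approved:
                rejected.append(f"{sig.kind} by {sig.signer} needs owner approval (strict)")
            elif sig.signer not in self.keys:
                rejected.append(f"{sig.kind} by {sig.signer} rejected: signer not in directory")
            elif sig.target not in stored.uids and sig.target not in stored.subkeys:
                rejected.append(f"{sig.kind} on unknown component {sig.target!r} rejected")
            else:
                stored.sigs.add(sig)  # third-party signature, no owner approval needed
        return rejected


def demo() -> dict:
    """Run the scenarios from the thread against both policies (constructed data)."""
    alice, bob, stranger = "0xAAAA1111", "0xBBBB2222", "0xCCCC3333"   # constructed key IDs
    alice_uid = "Alice <alice@example.org>"
    cert = Signature(bob, alice_uid, "cert")
    revoke = Signature(bob, alice_uid, "revoke")

    gd = Directory(strict=False)
    gd.add_key(KeyRecord(alice, uids={alice_uid}))
    gd.add_key(KeyRecord(bob, uids={"Bob <bob@example.org>"}))
    results = {
        # Bob is already stored, so his certification lands without Alice's approval.
        "cert_by_known": gd.merge(KeyRecord(alice, sigs={cert})),
        # A signer the directory has never seen is rejected.
        "cert_by_unknown": gd.merge(KeyRecord(alice, sigs={Signature(stranger, alice_uid, "cert")})),
        # A new user ID without approval is held.
        "new_uid": gd.merge(KeyRecord(alice, uids={alice_uid, "Alice <a@work.example>"})),
        # Bob revoking his certification reaches the key; Alice cannot block it.
        "revoke_by_known": gd.merge(KeyRecord(alice, sigs={revoke})),
    }
    results["stored_sigs"] = len(gd.keys[alice].sigs)

    # Same revocation against a strict no-modify directory: held for Alice's approval.
    strict = Directory(strict=True)
    strict.add_key(KeyRecord(alice, uids={alice_uid}, sigs={cert}))
    strict.add_key(KeyRecord(bob, uids={"Bob <bob@example.org>"}))
    results["revoke_under_strict"] = strict.merge(KeyRecord(alice, sigs={revoke}))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome or 'accepted'}")
```

The point the weak policy buys is visible in the last two results: with the GD-like rules a third party's revocation is never at the mercy of the key owner, while strict no-modify with owner approval would let the owner sit on it.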
